SOTI XSight Agent and SOTI MobiControl Security Certificate
Once the SOTI XSight Agent is installed on a device, it creates an SSL connection with the SOTI XSight server over port 5493.
Note: The process of establishing a secure connection utilizes
JSON Web Tokens (JWT). See Introduction to JSON Web Tokens.
Process for establishing a secure connection:
- The SOTI XSight Agent Service rejects the initial connection due to improper security (no JWT Token).
- The SOTI XSight Agent Service receives a device ID from the device’s newly-installed Agent.
- SOTI XSight Agent Service communicates with the SOTI MobiControl MS (Management Server) and creates a JWT token for this device.
- The script is deployed from the SOTI MobiControl DS (Deployment Server) to a SOTI MobiControl Agent and places a JWT token for the device in the SOTI MobiControl Agent database.
- The SOTI XSight Agent communicates to the SOTI MobiControl Agent to receive the JWT token and place it in the SOTI XSight Agent database.
- The SOTI XSight Agent then retries its initial failed connection but now presents its JWT token to the XAS, and the connection is successful.
-
After a successful connection with XAS, the SOTI XSight Agent requests a JWT access token and server configuration from the Chat service via XAS.
-
The SOTI XSight Agent launches the Chat agent with the JWT access token and server configuration provided.
-
The SOTI XSight Chat agent connects to the SOTI XSight Chat service. The SOTI XSight Agent and XAS server continue to refresh the chat JWT token as needed.